Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes with a SIGABRT in the yajl_string_decode function in yajl_encode.c. This results in the whole ruby process terminating and potentially a denial of service.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ruby yajl-ruby gem 安全漏洞
Vulnerability Description
Ruby是日本软件开发者松本行弘所研发的一种跨平台、面向对象的动态类型编程语言。yajl-ruby gem是其中的一个基于流的解析库。 Ruby yajl-ruby gem 1.3.0版本中的yajl_encode.c文件的‘yajl_string_decode’函数存在安全漏洞。攻击者可利用该漏洞造成拒绝服务(崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A